| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4923385F.1050200@gmail.com> Date: Tue, 18 Nov 2008 15:49:19 -0600 From: rholgstad <rholgstad@...il.com> To: Chris Evans <scarybeasts@...il.com> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: Firefox cross-domain image theft (CESA-2008-009) no one cares Chris Evans wrote: > Hi, > > Firefox 2.0.0.18 <http://2.0.0.18> fixes a cross-domain theft of image > data. Firefox 3 unaffected. It's another interesting case where a > redirector confuses the browser about the true origin of a piece of > content. If evil.org <http://evil.org> hosts a redirector, e.g. > evil.org/redir <http://evil.org/redir>, and an image is loaded via > this redirector, the image will be treated as a same-domain image. In > this event, the image pixel data may easily be stolen by rendering the > image to a canvas and using the getImageData() JavaScript API. > > Advisory: http://scary.beasts.org/security/CESA-2008-009.html > > Blog post: > http://scarybeastsecurity.blogspot.com/2008/11/firefox-cross-domain-image-theft-and.html > > Cheers > Chris > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists